Back to search
CVE-2015-1779
Published: Jan 12, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
SUSE-SU-2015:0870
vendor-advisory
x_refsource_SUSE
[Qemu-devel] 20150323 [PATCH 1/2] CVE-2015-1779: incrementally decode websocket frames
mailing-list
x_refsource_MLIST
FEDORA-2015-5541
vendor-advisory
x_refsource_FEDORA
DSA-3259
vendor-advisory
x_refsource_DEBIAN
[oss-security] 20150409 Re: CVE-2015-1779 qemu: vnc: insufficient resource limiting in VNC websockets decoder
mailing-list
x_refsource_MLIST
SUSE-SU-2015:0896
vendor-advisory
x_refsource_SUSE
FEDORA-2015-5482
vendor-advisory
x_refsource_FEDORA
[Qemu-devel] 20150323 [PATCH 0/2] CVE-2015-1779: fix denial of service in VNC websockets
mailing-list
x_refsource_MLIST
RHSA-2015:1931
vendor-advisory
x_refsource_REDHAT
[oss-security] 20150324 CVE-2015-1779 qemu: vnc: insufficient resource limiting in VNC websockets decoder
mailing-list
x_refsource_MLIST
1033975
vdb-entry
x_refsource_SECTRACK
RHSA-2015:1943
vendor-advisory
x_refsource_REDHAT
USN-2608-1
vendor-advisory
x_refsource_UBUNTU
[Qemu-devel] 20150323 [PATCH 2/2] CVE-2015-1779: limit size of HTTP headers from websockets clients
mailing-list
x_refsource_MLIST
73303
vdb-entry
x_refsource_BID
GLSA-201602-01
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now